Insider Threat
Insider threat is the risk of someone inside the company inflicting harm or damaging the integrity, confidentiality, or availability of the company, its data, systems, or personnel through malicious, complacent, or unintentional acts.
Look for Early Indicators.
-
​Unauthorized access - Employees accessing data they don't need or accessing sensitive data outside of work hours could indicate a potential insider threat.
-
Data exfiltration - Large amounts of data being transferred or copied, especially to an external device..
-
Unauthorized software installation -Installation of unauthorized software may be a potential insider threat.
Insider threats can fall into many categories, including but not limited to espionage, hacktivism, unauthorized disclosure, corruption and criminal activity, sabotage or service interruption.
​
Insider threats can be particularly detrimental to small and medium sized businesses. Employees in this environment are inherently trusted and have a broader scope of responsibilities, often lacking safeguards and oversight present in large organizations.
The impact of insider threat is wide-ranging when confidential or business critical data walks out and finds a new home with a competitor or worse. Understanding the risks of insider threat is an essential step in preventing data breaches.